MAC address randomization in WiFi probe requests

To prevent third parties from using the MAC address to track devices, several vendors have implemented MAC address
randomization. This follows the idea to use disposable interface identifiers in order to improve users’ privacy. In
practice, this implies that probe requests no longer use the real MAC address of the device. For example, a new MAC
address can be used for each scan iteration, where one scan iteration consists of sending probe requests on all
usable channels.

However, since a specification on MAC address randomization does not yet exist, iOS, Windows, and Linux, all
implemented their own variants of MAC address randomization.

Linux

Linux added support for MAC address randomization during network scans. The address should be randomized for each
scan iteration. The mvm module of the iwlwifi driver supports randomization since kernel 3.18. The brcmfmac driver
added support for this in kernel 4.5.

The privacy-oriented Linux distribution Tails does not support MAC address randomization during network scans.
Instead, it generates a new random MAC address at boot. This random address keeps the first 3 bytes of the original
address, the Organization Unique Identifier (OUI), and only randomizes the last three bytes. While not as optimal as
periodical address changes, it does prevent tracking over extended periods of time.

Windows

Microsoft supports randomization since Windows 10. Enabling randomization is possible if the hardware and driver
support it. Interestingly, not only does Windows use random addresses for probe requests, it also uses a random
address when connected to the network.

To assure the client always uses the same address when connecting to a particular network, a per-network address is
calculated as follows: addr = SHA‌-256(SSID, macaddr, connId, secret)

Here SSID is the name of the network, macaddr the original MAC address, and connId a parameter that changes if the
user removes (and re-adds) the network to its preferred network list. The secret parameter is a 256-bits
cryptographic random number generated during system initialization, unique per interface, and kept the same across
reboots. Bits in the most significant byte of addr are set so it becomes a locally administered, unicast
address.

This hash construction is similar to the generation of IPv6 interface identifiers as proposed in RFC 7217. It assures
that systems relying on fixed MAC addresses continue to work as expected, e.g., when authentication is performed
based on the MAC address. Users can also manually instruct the OS to daily update the per-network address
randomly.

Android

Android strating from 6.0 uses randomization for background scans if the driver and hardware support it. Android
versions before 6.0 do not support randomization.

iOS

Apple added MAC address randomization to its devices starting from iOS 8. In iOS 8, randomized addresses are only
used while unassociated and in sleep mode. iOS 9 was extended to also use randomization in what Apples calls
location and auto-join scans. This means that randomization is now also used when the device is active, i.e., when
the screen is turned on.

More questions

Have questions?

We work hard to improve our services for you. As part of that process we welcome your feedback, questions
and suggestions. Please let us know your thoughts and feelings, and any way in which you think we can
improve our product.